48% of security leaders hesitant to adapt to post-quantum algorithms

Image via Unsplash

According to research, the rise of machine identities has created visibility and management challenges. The rise of connected devices and new machines introduced to an enterprise ecosystem has forced public key infrastructures (PKI) to serve a critical role in the security of digital transactions.

Yet, more than 60% of respondents were unsure of the exact number of keys and certificates in use within their organization — an increase of 17% from last year. This is caused by the dispersed nature of PKI management throughout an organization. With no clear ownership, less than half (47%) of organizations have an enterprise-wide strategy for managing PKI, even as the volume of certificates grew by 11%, from 231,063 in 2021 to 255,738 in 2022.

The confluence of these trends has prompted security leaders to prioritize reducing the complexity of their organization’s PKI infrastructure; more than half (58%) of respondents identified it as a top strategic priority for digital security.

Additional findings from the report include:

Rising concerns about ability to adopt post-quantum cryptography: In June 2022, NIST announced the first group of algorithms to become part of its post-quantum cryptographic standard, which is expected to be finalized within two years. Almost half (48%) of respondents say they are concerned about their ability to adapt to these post-quantum algorithms, up from 44% last year, prior to the NIST announcement.

Growth of machine identities increases operational burdens: Nearly three quarters (74%) of respondents say their organizations are deploying more cryptographic keys and digital certificates, which has significantly increased the operational burden on their organizations’ teams. This burden is exacerbated by a lack of skilled personnel; less than half (42%) of respondents say they do not have enough staff to deploy and maintain PKI effectively.

Certificate-related outages are hitting organizations hard: 77% of respondents report experiencing at least two significant outages caused by expired certificates in the past 24 months. Another 55% of respondents indicated that these outages caused major disruption to customer-facing services.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.